Alerts This Week
Warning Icon 1 631
Alerts This Week
Warning Icon 1 631

Gentoo: GLSA-201811-13 Normal Severity: Mozilla Thunderbird Code Execution

gentoo
Calendar Grey November 24, 2018
Dist Gentoo Esm H88
Various vulnerabilities impact Mozilla Thunderbird, allowing for potential arbitrary code execution. Ensure you update immediately to enhance your security measures.
Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could lead to the execution of arbitrary code.

Summary

Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the referenced Mozilla Foundation Security Advisories and CVE identifiers below for details.

Topics%20covered

Topics Covered

security advisory gentoo remote exploit code execution mozilla thunderbird normal severity

Resolution

All Thunderbird users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=mail-client/thunderbird-60.3.0"
All Thunderbird binary users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-60.3.0"

References

[ 1 ] CVE-2017-16541 https://nvd.nist.gov/vuln/detail/CVE-2017-16541 [ 2 ] CVE-2018-12359 https://nvd.nist.gov/vuln/detail/CVE-2018-12359 [ 3 ] CVE-2018-12360 https://nvd.nist.gov/vuln/detail/CVE-2018-12360 [ 4 ] CVE-2018-12361 https://nvd.nist.gov/vuln/detail/CVE-2018-12361 [ 5 ] CVE-2018-12362 https://nvd.nist.gov/vuln/detail/CVE-2018-12362 [ 6 ] CVE-2018-12363 https://nvd.nist.gov/vuln/detail/CVE-2018-12363 [ 7 ] CVE-2018-12364 https://nvd.nist.gov/vuln/detail/CVE-2018-12364 [ 8 ] CVE-2018-12365 https://nvd.nist.gov/vuln/detail/CVE-2018-12365 [ 9 ] CVE-2018-12366 https://nvd.nist.gov/vuln/detail/CVE-2018-12366 [ 10 ] CVE-2018-12367 https://nvd.nist.gov/vuln/detail/CVE-2018-12367 [ 11 ] CVE-2018-12371 https://nvd.nist.gov/vuln/detail/CVE-2018-12371 [ 12 ] CVE-2018-12372 https://nvd.nist.gov/vuln/detail/CVE-2018-12372 [ 13 ] CVE-2018-12373 https://nvd.nist.gov/vuln/detail/CVE-2018-12...

Read the Full Advisory

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201811-13
style>.gentoo_availability{display:block;}

Concerns

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

Severity: Normal
Title: Mozilla Thunderbird: Multiple vulnerabilities
Date: November 24, 2018
Bugs: #651862, #656092, #660342, #669960, #670102
ID: 201811-13

Topics%20covered

Topics Covered

security advisory gentoo remote exploit code execution mozilla thunderbird normal severity

Synopsis

Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could lead to the execution of arbitrary code.

Background

Mozilla Thunderbird is a popular open-source email client from the Mozilla project.

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 mail-client/thunderbird < 60.3.0 >= 60.3.0 2 mail-client/thunderbird-bin < 60.3.0 >= 60.3.0 ------------------------------------------------------------------- 2 affected packages

Impact

===== A remote attacker may be able to execute arbitrary code, cause a Denial of Service condition, obtain sensitive information, or conduct Cross-Site Request Forgery (CSRF).

Workaround

There is no known workaround at this time.

Related News

Your message here